# Contributor: Joseph Benden <joe@benden.us>
# Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
pkgname=thunderbird
pkgver=115.6.0
pkgrel=0
pkgdesc="Thunderbird email client"
url="https://www.thunderbird.net/"
# Limited on:
# armhf: build failure on armhf due to wasm
# s390x and riscv64: limited by rust and cargo
# s390x: limited by pipewire
arch="all !armhf !s390x !riscv64"
license="GPL-3.0-or-later AND LGPL-2.1-or-later AND MPL-2.0"
depends="libotr"
makedepends="
	alsa-lib-dev
	automake
	botan-dev
	bsd-compat-headers
	bzip2-dev
	cargo
	cbindgen
	clang
	clang-libclang
	dbus-glib-dev
	gettext
	gtk+3.0-dev
	hunspell-dev
	icu-dev
	json-c-dev
	libevent-dev
	libffi-dev
	libjpeg-turbo-dev
	libnotify-dev
	libogg-dev
	libtheora-dev
	libtool
	libvorbis-dev
	libvpx-dev
	libwebp-dev
	libxcomposite-dev
	libxt-dev
	lld
	llvm-dev
	m4
	mesa-dev
	nasm
	nodejs
	nspr-dev
	nss-dev
	openmp-dev
	pipewire-dev
	pulseaudio-dev
	py3-psutil
	py3-zstandard
	python3
	sed
	wasi-sdk
	wireless-tools-dev
	zip
	"
source="https://ftp.mozilla.org/pub/thunderbird/releases/$pkgver/source/thunderbird-$pkgver.source.tar.xz
	audio-lfs64.patch
	disable-moz-stackwalk.patch
	fix-fortify-system-wrappers.patch
	fix-libresolv-path.patch
	fix-rust-target.patch
	fix-webrtc-glibcisms.patch
	lfs64.patch
	metainfo.patch
	ppc-musttail.patch
	ppc-webrtc.patch
	python-deps.patch
	rust-lto-thin.patch
	sandbox-fork.patch
	sandbox-largefile.patch
	sandbox-sched_setscheduler.patch
	icu74.patch

	stab.h

	distribution.ini
	mozilla-location.keys
	thunderbird.desktop
	vendor-prefs.js
	"
options="!check" # huge browser thing, skipped like firefox

# secfixes:
#   115.5.0-r0:
#     - CVE-2023-6204
#     - CVE-2023-6205
#     - CVE-2023-6206
#     - CVE-2023-6207
#     - CVE-2023-6208
#     - CVE-2023-6209
#     - CVE-2023-6212
#   115.4.1-r0:
#     - CVE-2023-5721
#     - CVE-2023-5732
#     - CVE-2023-5724
#     - CVE-2023-5725
#     - CVE-2023-5726
#     - CVE-2023-5727
#     - CVE-2023-5728
#     - CVE-2023-5730
#   102.1.0-r0:
#     - CVE-2022-2200
#     - CVE-2022-2226
#     - CVE-2022-31744
#     - CVE-2022-34468
#     - CVE-2022-34470
#     - CVE-2022-34472
#     - CVE-2022-34478
#     - CVE-2022-34479
#     - CVE-2022-34481
#     - CVE-2022-34484
#   102.0-r0:
#     - CVE-2022-2200
#     - CVE-2022-2226
#     - CVE-2022-31744
#     - CVE-2022-34468
#     - CVE-2022-34470
#     - CVE-2022-34472
#     - CVE-2022-34478
#     - CVE-2022-34479
#     - CVE-2022-34481
#     - CVE-2022-34484
#   91.10.0-r0:
#     - CVE-2022-1834
#     - CVE-2022-31736
#     - CVE-2022-31737
#     - CVE-2022-31738
#     - CVE-2022-31739
#     - CVE-2022-31740
#     - CVE-2022-31741
#     - CVE-2022-31742
#     - CVE-2022-31747
#   91.9.1-r0:
#     - CVE-2022-1529
#     - CVE-2022-1802
#   91.9.0-r0:
#     - CVE-2022-1520
#     - CVE-2022-29909
#     - CVE-2022-29911
#     - CVE-2022-29912
#     - CVE-2022-29913
#     - CVE-2022-29914
#     - CVE-2022-29916
#     - CVE-2022-29917
#   91.8.0-r0:
#     - CVE-2022-1097
#     - CVE-2022-1196
#     - CVE-2022-1197
#     - CVE-2022-24713
#     - CVE-2022-28281
#     - CVE-2022-28282
#     - CVE-2022-28285
#     - CVE-2022-28286
#     - CVE-2022-28289
#   91.7.0-r0:
#     - CVE-2022-26381
#     - CVE-2022-26383
#     - CVE-2022-26384
#     - CVE-2022-26386
#     - CVE-2022-26388
#   91.6.2-r0:
#     - CVE-2022-0566
#     - CVE-2022-26485
#     - CVE-2022-26486
#   91.6.0-r0:
#     - CVE-2022-22753
#     - CVE-2022-22754
#     - CVE-2022-22756
#     - CVE-2022-22759
#     - CVE-2022-22760
#     - CVE-2022-22761
#     - CVE-2022-22763
#     - CVE-2022-22764
#   91.5.0-r0:
#     - CVE-2021-4140
#     - CVE-2022-22737
#     - CVE-2022-22738
#     - CVE-2022-22739
#     - CVE-2022-22740
#     - CVE-2022-22741
#     - CVE-2022-22742
#     - CVE-2022-22743
#     - CVE-2022-22744
#     - CVE-2022-22745
#     - CVE-2022-22746
#     - CVE-2022-22747
#     - CVE-2022-22748
#     - CVE-2022-22751
#   91.4.1-r0:
#     - CVE-2021-4126
#     - CVE-2021-44538
#   91.4.0-r0:
#     - CVE-2021-4129
#     - CVE-2021-43528
#     - CVE-2021-43536
#     - CVE-2021-43537
#     - CVE-2021-43538
#     - CVE-2021-43539
#     - CVE-2021-43541
#     - CVE-2021-43542
#     - CVE-2021-43543
#     - CVE-2021-43545
#     - CVE-2021-43546
#   91.3.2-r0:
#     - CVE-2021-23961
#     - CVE-2021-23994
#     - CVE-2021-23995
#     - CVE-2021-23998
#     - CVE-2021-23999
#     - CVE-2021-24002
#     - CVE-2021-29945
#     - CVE-2021-29946
#     - CVE-2021-29948
#     - CVE-2021-29951
#     - CVE-2021-29956
#     - CVE-2021-29957
#     - CVE-2021-29964
#     - CVE-2021-29967
#     - CVE-2021-29969
#     - CVE-2021-29970
#     - CVE-2021-29976
#     - CVE-2021-29980
#     - CVE-2021-29980
#     - CVE-2021-29981
#     - CVE-2021-29982
#     - CVE-2021-29984
#     - CVE-2021-29985
#     - CVE-2021-29986
#     - CVE-2021-29987
#     - CVE-2021-29988
#     - CVE-2021-29989
#     - CVE-2021-29991
#     - CVE-2021-30547
#     - CVE-2021-32810
#     - CVE-2021-38492
#     - CVE-2021-38493
#     - CVE-2021-38495
#     - CVE-2021-38496
#     - CVE-2021-38497
#     - CVE-2021-38498
#     - CVE-2021-38500
#     - CVE-2021-38501
#     - CVE-2021-38502
#     - CVE-2021-38503
#     - CVE-2021-38504
#     - CVE-2021-38505
#     - CVE-2021-38506
#     - CVE-2021-38507
#     - CVE-2021-38508
#     - CVE-2021-38509
#     - CVE-2021-38510
#     - CVE-2021-43534
#     - CVE-2021-43535
#   78.9.0-r0:
#     - CVE-2021-23968
#     - CVE-2021-23969
#     - CVE-2021-23973
#     - CVE-2021-23978
#     - CVE-2021-23981
#     - CVE-2021-23982
#     - CVE-2021-23984
#     - CVE-2021-23987
#   78.7.0-r0:
#     - CVE-2020-15685
#     - CVE-2020-26976
#     - CVE-2021-23953
#     - CVE-2021-23954
#     - CVE-2021-23960
#     - CVE-2021-23964
#   78.6.1-r0:
#     - CVE-2020-16044
#     - CVE-2020-16042
#     - CVE-2020-26971
#     - CVE-2020-26973
#     - CVE-2020-26974
#     - CVE-2020-26978
#     - CVE-2020-35111
#     - CVE-2020-35112
#     - CVE-2020-35113
#   78.5.1-r0:
#     - CVE-2020-15683
#     - CVE-2020-15969
#     - CVE-2020-15999
#     - CVE-2020-16012
#     - CVE-2020-26950
#     - CVE-2020-26951
#     - CVE-2020-26953
#     - CVE-2020-26956
#     - CVE-2020-26958
#     - CVE-2020-26959
#     - CVE-2020-26960
#     - CVE-2020-26961
#     - CVE-2020-26965
#     - CVE-2020-26966
#     - CVE-2020-26968
#     - CVE-2020-26970
#   68.10.0-r0:
#     - CVE-2020-12417
#     - CVE-2020-12418
#     - CVE-2020-12419
#     - CVE-2020-12420
#     - CVE-2020-12421
#   68.9.0-r0:
#     - CVE-2020-12398
#     - CVE-2020-12399
#     - CVE-2020-12405
#     - CVE-2020-12406
#     - CVE-2020-12410
#   68.8.0-r0:
#     - CVE-2020-12387
#     - CVE-2020-12392
#     - CVE-2020-12393
#     - CVE-2020-12395
#     - CVE-2020-12397
#     - CVE-2020-6831
#   68.7.0-r0:
#     - CVE-2020-6819
#     - CVE-2020-6820
#     - CVE-2020-6821
#     - CVE-2020-6822
#     - CVE-2020-6825
#   68.6.0-r0:
#     - CVE-2019-20503
#     - CVE-2020-6805
#     - CVE-2020-6806
#     - CVE-2020-6807
#     - CVE-2020-6811
#     - CVE-2020-6812
#     - CVE-2020-6814
#   68.5.0-r0:
#     - CVE-2020-6793
#     - CVE-2020-6794
#     - CVE-2020-6795
#     - CVE-2020-6797
#     - CVE-2020-6798
#     - CVE-2020-6792
#     - CVE-2020-6800

_mozappdir=/usr/lib/thunderbird

# help our shared-object scanner to find the libs
ldpath="$_mozappdir"
sonameprefix="$pkgname:"

# we need this because cargo verifies checksums of all files in vendor
# crates when it builds and gives us no way to override or update the
# file sanely... so just clear out the file list

_clear_vendor_checksums() {
	sed -i 's/\("files":{\)[^}]*/\1/' third_party/rust/$1/.cargo-checksum.json
}

# Build with Clang, only supported, much better here
export CC="clang"
export CXX="clang++"

export SHELL=/bin/sh
export BUILD_OFFICIAL=1
export MOZILLA_OFFICIAL=1
export USE_SHORT_LIBNAME=1
export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
export MOZBUILD_STATE_PATH="$srcdir"/mozbuild
# disable desktop notifications
export MOZ_NOSPAM=1
# Find our triplet JSON
export RUST_TARGET="$CTARGET"

# set rpath so linker finds the libs
export LDFLAGS="$LDFLAGS -Wl,-rpath,$_mozappdir"

# let firefox do this itself.
unset CARGO_PROFILE_RELEASE_OPT_LEVEL
unset CARGO_PROFILE_RELEASE_LTO

export CFLAGS="${CFLAGS/-fstack-clash-protection/} -g0 -O2"
export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection/} -g0 -O2 -Wno-deprecated-builtins -Wno-deprecated-declarations"

prepare() {
	default_prepare
	cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/

	_clear_vendor_checksums audio_thread_priority

	base64 -d "$srcdir"/mozilla-location.keys > "$builddir"/mozilla-api-key

	case "$CARCH" in
	aarch64|arm*|x86*)
		# disable-elf-hack: exists only on aarch64, arm*, x86, x86_64
		local arch_config="ac_add_options --disable-elf-hack"
		;;
	esac

	# webrtc does not build on these
	case "$CARCH" in
	ppc64le)
		local webrtc_config="ac_add_options --disable-webrtc"
		;;
	esac

	# FF esr doesn't have SIMD available on armv7
	case "$CARCH" in
	armv7)
		# broken here
		local rust_simd="ac_add_options --disable-rust-simd"
		;;
	*)
		local rust_simd="ac_add_options --enable-rust-simd"
		;;
	esac

	# sandbox only supported here
	case "$CARCH" in
	x86*|armv7|aarch64)
		local sandbox="ac_add_options --enable-sandbox"
		;;
	*)
		local sandbox="ac_add_options --disable-sandbox"
		;;
	esac

	cat > base-mozconfig <<-EOF
	# disable unwanted things
	ac_add_options --disable-bootstrap
	ac_add_options --disable-cargo-incremental
	ac_add_options --disable-crashreporter
	ac_add_options --disable-debug
	ac_add_options --disable-debug-symbols
	ac_add_options --disable-install-strip
	ac_add_options --disable-jemalloc
	ac_add_options --disable-strip
	ac_add_options --disable-tests
	ac_add_options --disable-updater

	# features
	ac_add_options --enable-alsa
	ac_add_options --enable-application=comm/mail
	ac_add_options --enable-dbus
	ac_add_options --enable-default-toolkit=cairo-gtk3-wayland
	ac_add_options --enable-ffmpeg
	ac_add_options --enable-hardening
	ac_add_options --enable-linker=lld
	ac_add_options --enable-necko-wifi
	ac_add_options --enable-official-branding
	ac_add_options --enable-optimize="$CFLAGS"
	ac_add_options --enable-pulseaudio
	ac_add_options --enable-release
	ac_add_options --enable-update-channel=release

	# system libs
	ac_add_options --enable-system-pixman
	ac_add_options --with-librnp-backend=botan
	ac_add_options --with-system-botan
	ac_add_options --with-system-bz2
	ac_add_options --with-system-ffi
	ac_add_options --with-system-icu
	ac_add_options --with-system-jpeg
	ac_add_options --with-system-jsonc
	ac_add_options --with-system-libevent
	ac_add_options --with-system-libvpx
	ac_add_options --with-system-nspr
	ac_add_options --with-system-nss
	ac_add_options --with-system-png
	ac_add_options --with-system-webp
	ac_add_options --with-system-zlib

	# misc
	ac_add_options --prefix=/usr
	ac_add_options --with-distribution-id=org.alpinelinux
	ac_add_options --with-libclang-path=/usr/lib
	ac_add_options --with-unsigned-addon-scopes=app,system
	ac_add_options --with-wasi-sysroot=/usr/share/wasi-sysroot
	ac_add_options --host=$CHOST
	ac_add_options --target=$CTARGET

	# objdir
	mk_add_options MOZ_OBJDIR="$builddir/obj"

	mk_add_options RUSTFLAGS="$RUSTFLAGS"

	# keys
	# these are for alpine linux use only
	ac_add_options --with-mozilla-api-keyfile="$builddir/mozilla-api-key"

	$arch_config
	$rust_simd
	$sandbox
	$webrtc_config
	EOF

	# XXX: fix transparency in icon
	sed -i '/^<rect/d' comm/mail/branding/thunderbird/TB-symbolic.svg
}

build() {
	cat > .mozconfig base-mozconfig

	export MOZ_BUILD_DATE="$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y%m%d%H%M%S")"

	# for lto
	ulimit -n 4096

	# can't be set here and fail
	unset RUSTFLAGS

	local thinlto_jobs=${JOBS:-1}

	case "$CARCH" in
	# on this platform, lld seems to not utilise >1 threads for thinlto for some reason.
	# at the same time, having more than 8 also crashes lld for firefox buildsystems (why?).
	aarch64)
		if [ $thinlto_jobs -gt 8 ]; then
			thinlto_jobs=8
		fi
		;;
	esac

	export LDFLAGS="$LDFLAGS -Wl,--thinlto-jobs=$thinlto_jobs"

	case "$CARCH" in
	# lto for 64-bit systems only
	aarch64|x86_64|ppc64le)
		cat > .mozconfig base-mozconfig <<-EOF
		ac_add_options --enable-lto=cross
		EOF
	esac

	./mach build
}

package() {
	DESTDIR="$pkgdir" ./mach install

	local _png
	for _png in "$builddir"/comm/mail/branding/thunderbird/default*.png; do
		local i=${_png%.png}
		i=${i##*/default}
		install -Dm644 "$_png" "$pkgdir"/usr/share/icons/hicolor/"$i"x"$i"/apps/thunderbird.png
	done

	install -Dm644 "$builddir"/comm/mail/branding/thunderbird/TB-symbolic.svg \
		"$pkgdir"/usr/share/icons/hicolor/symbolic/apps/thunderbird-symbolic.svg

	install -Dm644 "$builddir"/comm/mail/branding/thunderbird/net.thunderbird.Thunderbird.appdata.xml \
		-t "$pkgdir"/usr/share/metainfo

	install -Dm644 "$srcdir"/thunderbird.desktop \
		-t "$pkgdir"/usr/share/applications

	install -Dm644 "$srcdir"/vendor-prefs.js \
		-t "$pkgdir"/$_mozappdir/defaults/pref
	install -Dm644 "$srcdir"/distribution.ini \
		-t "$pkgdir"/$_mozappdir/distribution

	# Use system-provided dictionaries
	ln -Tsfv /usr/share/hunspell "$pkgdir"/usr/lib/$pkgname/dictionaries
	ln -Tsfv /usr/share/hyphen "$pkgdir"/usr/lib/$pkgname/hyphenation

	# Replace duplicate binary with wrapper
	# https://bugzilla.mozilla.org/show_bug.cgi?id=658850
	install -Dm755 /dev/stdin "$pkgdir"/usr/bin/thunderbird <<- EOF
	#!/bin/sh
	exec $_mozappdir/thunderbird "\$@"
	EOF
	rm "$pkgdir"/$_mozappdir/thunderbird-bin
	ln -sfv /usr/bin/thunderbird "$pkgdir"/$_mozappdir/thunderbird-bin
}
sha512sums="
2484a99a62fc960b7926b1daa6055e14b1f9e1006ea45522d16131071b33003d4f7ef95911fd2ceb3e941f9d251c66d917013d6a5ecd717d2b1c6d33944f2e01  thunderbird-115.6.0.source.tar.xz
3e0501ae7a650346c667dfdc0ae0ca286084f22e89ab2ac671cc0d7315673dc5b6dcb9f9882f6f39d26e9a31e57f7a0fd53d6b805e520224e22b8976850e2eb8  audio-lfs64.patch
454ea3263cabce099accbdc47aaf83be26a19f8b5a4568c01a7ef0384601cf8315efd86cd917f9c8bf419c2c845db89a905f3ff9a8eb0c8e41042e93aa96a85c  disable-moz-stackwalk.patch
2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71  fix-fortify-system-wrappers.patch
400d9618007fc508e8e5831a10f54da0d022a786a87a647d9f3c2e2c9b875cfc3d2291319ecc41188f1ace7ca437091ad97ed09563e36b89fdca8da83edccbd0  fix-libresolv-path.patch
cd68b89e29e5f6379fbd5679db27b9a5ef70ea65e51c0d0a8137e1f1fd210e35a8cfb047798e9549bc7275606d7ec5c8d8af1335d29da4699db7acd8bc7ff556  fix-rust-target.patch
305c874fdea3096e9c4c6aa6520ac64bb1c347c4b59db8360096646593fe684c3b5377874d91cecd33d56d1410b4714fbdea2b514923723ecbeff79d51265d9b  fix-webrtc-glibcisms.patch
5fa9382c692e4bd6a2634308f24a6526fd12a60a2563d2090056d43a60505df3ec9881bbf54562e69394467529b3b0dc45955afca46ed329af03cea074fff070  lfs64.patch
79948c0670e4ff1d9dac3b11b64937e58fb73dd9ea405cbebc6777ec96243ac3d8ac820b2ac67c1b39aaa286267da156b00ff28abc40a5071e189637046b9834  metainfo.patch
2d8dff86212d6d2a904cbb5a5a1d6c17b89adc929fc6a3f4c6cb669f5e83ecddff5a799225319ba445a187b04d111251af75dd3ce8a039164bc14d2a432a2a04  ppc-musttail.patch
6f60e83599041db1b707c21784197ea9816b2c936b89a274bfc24554a600981e6f28448fe41fab0942bd31acd49b1c00beb2eb0961149f2ffa6a4154be123ea7  ppc-webrtc.patch
ff3618223bba2d7b877a16451256e67d973c5f4e24027cb5a7da4c0a6f6a028a1eb51d3cbcddae71bca584a4c13cb485950b86022ea26d4e25ae3fdf3ce5d910  python-deps.patch
1c6918dd6655d3a1251bfd4af2e1c561cbb00d540a883b4c1ebf7f5de530d754d9ac07b4b5f56cdab6c511d25c8910ec94043f5733e97501a67abffe1bafaeb1  rust-lto-thin.patch
2518f2fc75b5db30058e0735f47d60fdf1e7adfaeee4b33fb2afb1bd9a616ce943fd88f4404d0802d4083703f4acf1d5ad42377218d025bc768807fbaf7e1609  sandbox-fork.patch
b7d0a6126bdf6c0569f80aabf5b37ed2c7a35712eb8a0404a2d85381552f5555d4f97d213ea26cec6a45dc2785f22439376ed5f8e78b4fd664ef0223307b333e  sandbox-largefile.patch
94433c5ffdbe579c456d95c5f053f61fcbab2f652fa90bc69dcc27d9a1507a8e5c677adeadae9a7a75cc9a55184c1040737f4dfd10b279c088ef016561e6f135  sandbox-sched_setscheduler.patch
afabea91b328c5a68eaa20f9099ac7b2d0e7f2423e816b05ed168bdd326a5684fa02de08bf05c6033e9b888f02775d1b0443a00329b7a632ee399122a391c13a  icu74.patch
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127  stab.h
3d1f85c2cd446a973cf158caada7fbc32cbc890ec5111d6d2ac98862df11d0c80cc52eaec290721c64034be7398ed68a91405f168e13ca71ff1981f51cb60046  distribution.ini
382510375b1a2fa79be0ab79e3391a021ae2c022429ffbaa7e7a69166f99bb56d01e59a1b10688592a29238f21c9d6977672bd77f9fae439b66bdfe0c55ddb15  mozilla-location.keys
5eddbfdbe3f8ed31936c0b9e9e6313aa35f1a75d0a2303c0a0742e06997714b787e444fae1696453e3e146226bf2f7fe2ab5e34b0b2069f05f0ccbc55099de89  thunderbird.desktop
d48e2a328fd756e082e7ccd1b3156b5066b4526c2647fafad9d22189b3413d6a564a4d0b03b37a9670c53d65b5ba4a7af855a7a4a4583e4228ee66510bdb379d  vendor-prefs.js
"
